()
| 377 | |
| 378 | // eslint-disable-next-line authz/require-auth-wrapper -- calls getAuthenticatedUser() directly; runs pre-org-membership so cannot use withAuth |
| 379 | export const createAccountRequest = async () => sew(async () => { |
| 380 | const authResult = await getAuthenticatedUser(); |
| 381 | if (!authResult) { |
| 382 | return notAuthenticated(); |
| 383 | } |
| 384 | |
| 385 | const { user } = authResult; |
| 386 | |
| 387 | const org = await __unsafePrisma.org.findUnique({ |
| 388 | where: { |
| 389 | id: SINGLE_TENANT_ORG_ID, |
| 390 | }, |
| 391 | }); |
| 392 | |
| 393 | if (!org) { |
| 394 | return notFound("Organization not found"); |
| 395 | } |
| 396 | |
| 397 | const existingRequest = await __unsafePrisma.accountRequest.findUnique({ |
| 398 | where: { |
| 399 | requestedById_orgId: { |
| 400 | requestedById: user.id, |
| 401 | orgId: org.id, |
| 402 | }, |
| 403 | }, |
| 404 | }); |
| 405 | |
| 406 | if (existingRequest) { |
| 407 | logger.warn(`User ${user.id} already has an account request for org ${org.id}. Skipping account request creation.`); |
| 408 | return { |
| 409 | success: true, |
| 410 | existingRequest: true, |
| 411 | } |
| 412 | } |
| 413 | |
| 414 | if (!existingRequest) { |
| 415 | await __unsafePrisma.accountRequest.create({ |
| 416 | data: { |
| 417 | requestedById: user.id, |
| 418 | orgId: org.id, |
| 419 | }, |
| 420 | }); |
| 421 | |
| 422 | const smtpConnectionUrl = getSMTPConnectionURL(); |
| 423 | if (smtpConnectionUrl && env.EMAIL_FROM_ADDRESS) { |
| 424 | // TODO: This is needed because we can't fetch the origin from the request headers when this is called |
| 425 | // on user creation (the header isn't set when next-auth calls onCreateUser for some reason) |
| 426 | const deploymentUrl = env.AUTH_URL; |
| 427 | |
| 428 | const owners = await __unsafePrisma.user.findMany({ |
| 429 | where: { |
| 430 | orgs: { |
| 431 | some: { |
| 432 | orgId: org.id, |
| 433 | role: "OWNER", |
| 434 | }, |
| 435 | }, |
| 436 | }, |
no test coverage detected